In a bid to calm growing privacy concerns about the government's spying powers, President Obama outlined a series of steps Friday aimed at ushering in "concrete and substantial" reforms to the National Security Agency.

"Americans recognized that we had to adapt to a world in which a bomb could be built in a basement and our electric grid could be shut down by operators an ocean away," the president said during a major policy speech at the Department of Justice.

"And yet," he added, "in our rush to respond to very real and novel threats, the risks of government overreach—the possibility that we lose some of our core liberties in pursuit of security—became more pronounced.

"The reforms I'm proposing today," Obama said toward the end of the speech, "should give the American people greater confidence that their rights are being protected, even as our intelligence and law enforcement agencies maintain the tools they need to keep us safe.

Obama will ask Attorney General Eric Holder and senior intelligence officials to forge a path forward that preserves the capabilities of the program without government retention of the data. The president is asking for a report outlining data transfer options before March 28th, when the collection program comes up for reauthorization.

Additionally, intelligence analysts will now be required to obtain approval from a secret court before querying information from the vast telephone database.

The metadata program, Obama said, "does not involve the content of phone calls, or the names of people making calls. Instead, it provides a record of phone numbers and the times and lengths of calls—meta-data that can be queried if and when we have a reasonable suspicion that a particular number is linked to a terrorist organization."

Obama defended the bulk collection of metadata in part by raising the spector of 9/11. "One of the 9/11 hijackers—Khalid al-Mihdhar—made a phone call from San Diego to a known al Qaeda safe-house in Yemen," Obama said. "NSA saw that call, but could not see that it was coming from an individual already in the United States." The metadata program, the president said, was created to remedy that problem.

The NSA will also reduce from three to two the number of "hops," or degrees of separation, away from a suspected target it can jump when analyzing communications data. In his speech, Obama said this change would be "effective immediately."

The White House also released a policy directive Friday morning, which recognizes that "signals intelligence activities and the possibility that such activities may be improperly disclosed to the public pose multiple risks," including harming international relationships. The directive also orders that "privacy and civil liberties shall be integral considerations in the planning of U.S. signals intelligence activities."

While the president recognized the surveillance program has grown in recent years, he also strongly defended those who work in the intelligence community, saying they do not abuse power. "After all," he said, "the folks at NSA and other intelligence agencies are our neighbors and our friends."

"Those who defend these programs are not dismissive of civil liberties," Obama said.

Obama also called on Congress to create a panel of outside advocates to provide an "independent voice" in significant cases before the Foreign Intelligence Surveillance Court. Currently, the court only hears arguments from the government in favor of surveillance.

It's unclear how closely this outside panel would resemble the recommendation from the president's own NSA review group for a special advocate to argue in favor of stronger privacy protections before the secretive court.

Technology companies like Google, Facebook and Microsoft have been clamoring to reveal more information about the requests they receive from the NSA for user data. They argue that the secrecy surrounding the surveillance has heightened privacy fears and discouraged people from using their services.

Obama announced several steps aimed at improving transparency. He directed the Justice Department to loosen the gag orders that accompany National Security Letters, which require companies to turn over customer information. The gag orders will no longer be indefinite, Obama said.

The government will also allow companies like Google to disclose more statistics about the government's surveillance of their users.

The bottom line is that people around the world—regardless of their nationality—should know that the United States is not spying on ordinary people who don't threaten our national security, and that we take their privacy concerns into account. This applies to foreign leaders as well. Given the understandable attention that this issue has received, I have made clear to the intelligence community that—unless there is a compelling national security purpose—we will not monitor the communications of heads of state and government of our close friends and allies.

At the same time, the president said that U.S. intelligence agencies "will continue to gather information about the intentions of governments–as opposed to ordinary citizens–around the world...We will not apologize simply because our services may be more effective."

Obama's speech is the first to enumerate specific reforms to the NSA since Edward Snowden began leaking details about the agency's surveillance powers last June. The intelligence community has consistently defended its collection of phone records, which they contend is legally justified under Section 215 of the post-9/11 Patriot Act, as necessary to combat potential terror threats.

"Given the fact of an open investigation," Obama said, "I'm not going to dwell on Mr. Snowden's actions or motivations." But he did make clear his not-too-warm feelings:

I will say that our nation's defense depends in part on the fidelity of those entrusted with our nation's secrets. If any individual who objects to government policy can take it in their own hands to publicly disclose classified information, then we will never be able to keep our people safe, or conduct foreign policy.

The president, for his part, emphasized his "healthy skepticism" toward surveillance programs, and noted that his administration has increased oversight and auditing. He later mentioned that he would "not be where I am today were it not for the courage of dissidents, like Dr. King, who were spied on by their own government."

That sentiment, of course, stands in stark contrast to the massive spying program he has overseen. And times have changed:

The president also criticized unnamed countries for knocking the NSA's programs in light of the leaks:

We know that the intelligence services of other countries—including some who feign surprise over the Snowden disclosures—are constantly probing our government and private sector networks, and accelerating programs to listen to our conversations, intercept our emails, or compromise our systems. Meanwhile, a number of countries, including some who have loudly criticized the NSA, privately acknowledge that America has special responsibilities as the world's only superpower; that our intelligence capabilities are critical to meeting these responsibilities; and that they themselves have relied on the information we obtain to protect their own people.

Director of National Intelligence James Clapper applauded Obama's Friday approach in a statement as "measured and thoughtful" and "focused on striking the right balance."

Privacy advocates have long been clamoring for the government to relinquish control of telephone metadata and increase judicial review of the NSA's surveillance authority, a view the president's hand-picked review panel echoed last month. The panel also concluded that the program itself has not been responsible for preventing any terrorist attacks.

But many believe the government should end its current mass data-gathering techniques entirely, and consider phone company or third-party retention as merely a pivot that will incur a bevy of legal headaches from the technology industry and others.

Phone companies have given no indication that they are receptive to any mandate requiring them to maintain and oversee the massive trove of telephone metadata, which includes numbers, call times and call durations but not the contents of conversations.

"This shifting of records would not solve the problem—it would just shift it," said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. "In the case of telephone companies, it would turn them into agents of the surveillance community."

Obama's speech sets up a showdown in Congress over how tightly to limit the NSA's powers. Prior to the speech, several members of Congress championing NSA reform legislation indicated they plan to move ahead with legislation regardless of the reforms announced.

One of the members he'll have to convince is Rep. Peter King, R-N.Y., a prominent member of the Intelligence Committee. The White House invited him to attend the event at the Justice Department.

"Because of the strength of our own democracy," Obama said at the end of his speech, "we should not shy away from high expectations." Now we'll see just what expectations Obama's proposals have lived up to, or failed.

By using this service you agree not to post material that is obscene, harassing, defamatory, or
otherwise objectionable. Although GovExec.com does not monitor comments posted to this site (and
has no obligation to), it reserves the right to delete, edit, or move any material that it deems
to be in violation of this rule.

Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.